What I mean is that I want to grand acces to the internet. But only to ports
I 'trust', like 80,21,22 etc. But when I make a rule like:

add 550 allow ip from me to any 80,21,22

I cannot acces a website, that puzzles me.

> On Mon, Jul 01, 2002 at 15:57 +0200, nascar24 wrote:
> >
> > I've been using the IPFW for some time now but I have one problem. I
have
> > closed my firewall (I guess) from attacks from the outside world. But I
am
> > open to attacks from within, i.e: trojan horses etc.
> >
> > Here is my rc.firewall.rules file. I think it is in rule 500 & 550. But
if I
> > change them to 21,22,80,8080 I cannot connect to any websites or FTP
sites.
> >
> > [ filter rule set snipped ]
> >
> > I hope you can help, thanks in advance.
>
> What exactly is your question?
>
> If you want to "less trust the inside", close the inner interface
> as much as you did with the outside.
>
> If you are looking for hints on how to generally improve your
> filter rules I strongly suggest you have a look at the ipfilter
> HowTo -- even if you don't use ipf: this document talks about
> the basics, too, plus derives / designes a rule set from bottom
> up. Visit www.ipfilter.org or look at the misc/26763 PR (Cyrille
> Lefevre, "installing ipfilter sample files to share/examples").
>
>
> virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76
> Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittiggmx.net
> --
> If you don't understand or are scared by any of the above
> ask your parents or an adult to help you.
>
> To Unsubscribe: send mail to majordomoFreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]